[Cryptography] Email is unsecurable

[Ralf Senderek]

On Mon, 25 Nov 2013 ianG wrote:

> S/MIME failed because it is an atrocious key management design.

Agreed, and you haven't even brought CRLs into the picture that nobody 
finds nor checks.

> PGP failed because it never succeeded in conquering the GUI clients.

Today, the GUI may well be the browser, it's not clear to me that PGP
must fail here. Once we move encryption to the server, the GUI thing
becomes less important and some complexity evaporates.

> For example, consider traffic analysis or metadata or mass surveillance
> -- neither side did anything about that.  In fact, they made it worse.
> Both sides did not encrypt the entire important data, the Subject: being
> the obvious thing that wasn't encrypted.  S/MIME clients made it far
> worse by insisting that the From: field had to match the certificate
> used;  which made it a *validated surveillance indicator* as opposed to
> just another input to the spam filter.

While I wholeheartedly follow you on S/MIME, I think it's a bit unfair to 
PGP which was designed as a method to protect messages. It was used to 
protect email, but never promised to secure anything outside the message.
Put your subject in the message and leave the subject line empty. To 
secure email the way you wish, you'll need more than just encryption.

> Hence, I've concluded that email is unsecurable.

I hope the final word about that isn't spoken, yet. But waiting for the
big players to do it, certainly won't help as privacy doesn't fit into
their business model.

     --Ralf